Podcast Episode Details
Back to Podcast Episodes
Interview with Brian Mullen from AMI
Episode 57
In this episode of Below the Surface, host Paul Asadoorian is joined by Brian Mullen, head of SSDLC at AMI, to discuss the complexities of supply chain and firmware security. They explore the challenges of maintaining security in a complicated supply chain, the importance of proactive and reactive security measures, and the implications of end-of-life software. The conversation also touches on the gaming industry's push for secure boot, recent vulnerabilities discovered in firmware, and the role of BMCs in security. Brian shares insights into AMI's approach to vulnerability management and the future of firmware security, including the significance of Software Bill of Materials (SBOMs).
Whitepaper: https://eclypsium.com/wp-content/uploads/OpenBMC-Security-in-Practice.pdf
Chapters
00:00 Introduction and Technical Setup
01:46 The Challenges of Podcasting and Marketing
03:42 Understanding AMI and Its Role in Firmware Security
06:13 Supply Chain Complexity and Security Measures
08:49 Proactive vs Reactive Security in Firmware
11:17 The Importance of Stable Firmware in Security
13:54 Navigating Vulnerabilities in UEFI and OpenSSL
16:24 The Impact of Cherry-Picking Security Updates
19:11 Tracking Vulnerabilities Across the Supply Chain
21:50 Solutions for Data Center Firmware Management
24:21 Future Directions in Vulnerability Management
24:38 Navigating Vulnerability Management
28:30 End of Life and Support Challenges
31:55 Gaming Security and Anti-Cheat Mechanisms
35:38 The Complexity of Secure Boot Implementation
36:50 Recent Vulnerabilities and Security Research
39:44 Understanding BMC Security
43:34 Open Source and BMC Development
46:30 The Role of SBOMs in Security Compliance
Published on 1 month, 3 weeks ago